SAMMwise

SAMMwise provides a convenient, browser-based interface for capturing SAMM assessment responses. With this tool, users can:

  • Enter responses for a single assessment
  • Visualize the maturity results based on entered responses
  • Compare maturity results to those for a previous assessment

Assessment responses can be saved to the user's local computer in a JSON-formatted text file. Responses are retained only on the local system and are not shared with any other system or person.

About SAMM

The Open Web Application Security Project's Software Assurance Maturity Model (OWASP SAMM) is an open framework to help organizations formulate and implement a strategy for software security, tailored to the specific risks facing the organization.

The resources provided by SAMM (including this tool) are intended to aid in:

  • Evaluating an organization’s existing software security practices;
  • Building toward a balanced software security assurance program in well-defined iterations;
  • Demonstrating concrete improvements to a security assurance program; and
  • Defining and measuring security-related activities throughout an organization.

SAMM was defined with flexibility in mind, so that it can be used by small, medium, and large organizations using any style of development. Additionally, this model can be applied organization-wide, for a single line-of-business, or even for an individual project.